X-Git-Url: https://git.saurik.com/apt.git/blobdiff_plain/555a487afb510c561d094f27bb08119694e7388f..7ffac4c10144a8458fec6de03c58f3b49d081e5c:/debian/apt.postinst?ds=sidebyside

diff --git a/debian/apt.postinst b/debian/apt.postinst
old mode 100644
new mode 100755
index 4d87c4e25..01f78a1dd
--- a/debian/apt.postinst
+++ b/debian/apt.postinst
@@ -15,12 +15,43 @@ set -e
 
 case "$1" in
     configure)
-	SECRING='/etc/apt/secring.gpg'
-	# test if secring is an empty normal file
-	if test -f $SECRING -a ! -s $SECRING; then
-		rm -f $SECRING
+	if dpkg --compare-versions "$2" lt 1.0.7; then
+	    # apt-key before 0.9.10 could leave empty keyrings around
+	    find /etc/apt/trusted.gpg.d/ -name '*.gpg' | while read keyring; do
+		if ! test -s "$keyring"; then
+		    rm -f "$keyring"
+		fi
+	    done
 	fi
-	apt-key update
+
+	if dpkg --compare-versions "$2" lt-nl 0.9.9.5; then
+	    # we are using tmpfiles for both
+	    rm -f /etc/apt/trustdb.gpg
+	    # this removal was done unconditional since 0.8.15.3
+	    SECRING='/etc/apt/secring.gpg'
+	    # test if secring is an empty normal file
+	    if test -f $SECRING -a ! -s $SECRING; then
+	        rm -f $SECRING
+	    fi
+	fi
+
+        # add unprivileged user for the apt methods
+        adduser --force-badname --system -home /var/empty \
+            --no-create-home --quiet _apt || true
+        chown -R _apt:root \
+            /var/lib/apt/lists \
+            /var/cache/apt/archives
+
+        # ensure tighter permissons on the logs, see LP: #975199
+        if dpkg --compare-versions "$2" lt-nl 0.9.7.7; then
+            # ensure permissions are right
+            chmod -f 0640 /var/log/apt/term.log* || true
+        fi
+
+        # create kernel autoremoval blacklist on update
+        if dpkg --compare-versions "$2" lt 0.9.9.3; then
+            /etc/kernel/postinst.d/apt-auto-removal
+        fi
     ;;
 
     abort-upgrade|abort-remove|abort-deconfigure)